RE: IKEv2 and IANA registry
Paul Hoffman / VPNC <paul.hoffman@vpnc.org> Wed, 07 April 2004 20:20 UTC
Received: from lists.tislabs.com (portal.tislabs.com [192.94.214.101]) by above.proper.com (8.12.11/8.12.8) with ESMTP id i37KKevW028480; Wed, 7 Apr 2004 13:20:40 -0700 (PDT) (envelope-from owner-ipsec@lists.tislabs.com)
Received: by lists.tislabs.com (8.11.6/8.11.6) id i37JaFC23907 for ipsec-outgoing; Wed, 7 Apr 2004 15:36:15 -0400 (EDT)
X-Authentication-Warning: portal.tislabs.com: majordom set sender to owner-ipsec@lists.tislabs.com using -f
Mime-Version: 1.0
X-Sender: phoffvpnc@mail.vpnc.org
Message-Id: <p0610043cbc9a0a61ed96@[63.202.92.152]>
In-Reply-To: <F5F4EC6358916448A81370AF56F211A5025DF817@RED-MSG-51.redmond.corp.microsof t.com>
References: <F5F4EC6358916448A81370AF56F211A5025DF817@RED-MSG-51.redmond.corp.microsof t.com>
Date: Wed, 07 Apr 2004 12:47:08 -0700
To: ipsec@lists.tislabs.com
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Subject: RE: IKEv2 and IANA registry
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
It sounds like the draft-ietf-ipsec-ikev2-iana needs to be updated. At 11:47 AM -0700 4/7/04, Charlie Kaufman wrote: >2) For pseudo-random transform type 2, the ikev2-13 document defines > > AUTH_AES_XCBC_96 5 > >I don't know the story here; perhaps this algorithm was added late, or >perhaps it should be removed as an inappropriate PRF. It should instead say "AES-XCBC-PRF-128" and reference RFC 3664. >3) For Extended Sequence Numbers Transform Type 5, (0=NO; 1=YES), the >iana document lists values 2-65535 as reserved to IANA (thus creating a >registry). In the ikev2-13, they are RESERVED (avoiding the need for a >registry). I believe no registry is needed; I doubt any expert would >approve creation of a new value for a Boolean. Fully agree. >4) For Identification Payload ID types, the iana document says the >values 12-255 are reserved to iana. Ikev2-13 says 12-200 are reserved to >iana and 201-255 are for private use. It would be very good to have private use ID payloads. >6) For traffic selector types, the iana document says types 9-255 are >reserved to iana; ikev2-13 says 9-240 are reserved to iana and 241-255 >are for private use. It would be very good to have private use traffic selectors. --Paul Hoffman, Director --VPN Consortium
- RE: IKEv2 and IANA registry Charlie Kaufman
- RE: IKEv2 and IANA registry Paul Hoffman / VPNC
- Re: IKEv2 and IANA registry Michael Richardson
- Re: IKEv2 and IANA registry Paul Hoffman / VPNC
- Re: IKEv2 and IANA registry Theodore Ts'o